3 matches found
CVE-2022-44820
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/managetransaction=...
CVE-2022-44820
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/managetransaction&id=...
CVE-2022-44820
Automotive Shop Management System v1.0 is affected by a SQL Injection in the admin endpoint /asms/admin/?page=transactions/manage_transaction&id=. The root cause is lack of validation of externally-entered SQL in the id parameter, enabling attackers to manipulate the database and potentially exfi...